logo
DATABASE RESOURCES PRICING ABOUT US

Medium: bash

Description

**Issue Overview:** rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. (CVE-2019-9924) **Affected Packages:** bash **Issue Correction:** Run _yum update bash_ to update your system. **New Packages:** i686:     bash-debuginfo-4.2.46-34.43.amzn1.i686     bash-doc-4.2.46-34.43.amzn1.i686     bash-4.2.46-34.43.amzn1.i686 src:     bash-4.2.46-34.43.amzn1.src x86_64:     bash-4.2.46-34.43.amzn1.x86_64     bash-debuginfo-4.2.46-34.43.amzn1.x86_64     bash-doc-4.2.46-34.43.amzn1.x86_64 ### Additional References Red Hat: [CVE-2019-9924](<https://access.redhat.com/security/cve/CVE-2019-9924>) Mitre: [CVE-2019-9924](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9924>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 bash-debuginfo 4.2.46-34.43.amzn1
Amazon Linux 1 bash-doc 4.2.46-34.43.amzn1
Amazon Linux 1 bash 4.2.46-34.43.amzn1
Amazon Linux 1 bash 4.2.46-34.43.amzn1
Amazon Linux 1 bash 4.2.46-34.43.amzn1
Amazon Linux 1 bash-debuginfo 4.2.46-34.43.amzn1
Amazon Linux 1 bash-doc 4.2.46-34.43.amzn1

Related